<?php

/*
 * This file will perform the ajax for getting the security groups for the search results.
 * This is being used by admSecGrpSetup.php.
 * 
 * Created by: Peter Agno Jr.
 * Date created: December 4, 2011
 * 
 * In parameters: secGrpId and secGrpName
 * Out parameters: security groups information for search results
 */

session_start();

// Start - Checker for those users who will just go to the page by typing directly in the url.
if ($_POST) {
    include('../includes/siteConfig.php');
    
    // connect to database
    $connect = mysql_connect($hostName,$rootName,$dBasePassword) or die ('Unable to connect!');
    mysql_select_db($dBaseName) or die ('Unable to select database!');
    
    // Get the data from post
    $secGrpId = $_POST['secGrpId'];
    $secGrpName = $_POST['secGrpName'];
    
    // Prepare filter for $secGrpId
    $filterSecGrp = "";
    if ( $secGrpId != "" ) {
        $filterSecGrp = "WHERE securityGroupId LIKE '%" . $secGrpId . "%' ";
    }
    
    // Prepare filter for $secGrpName
    if ( $secGrpName != "" ) {
        if ( $filterSecGrp == "" ) {
            $filterSecGrp = "WHERE ";
        }
        else {
            $filterSecGrp = $filterSecGrp . "AND ";
        }
        
        $filterSecGrp = $filterSecGrp . "securityGroupName LIKE '%" . $secGrpName . "%' ";
    }
    
    // Prepare the query for getting the security groups
    $query =
        "
            SELECT securityGroupId, securityGroupName
            FROM SecurityGroup
            ".$filterSecGrp."
            ORDER BY securityGroupName ASC
        ";
    $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
    
    // Identify if there were querried departments
    if ( mysql_num_rows($result) > 0 ) {
        while ($row = mysql_fetch_array($result)) {
            $jsondata = array();
            $jsondata['secGrpId'] = $row['securityGroupId'];
            $jsondata['secGrpName'] = $row['securityGroupName'];
            $feed[] = $jsondata;
        }
        
        echo json_encode($feed);
    }
    else {
        echo json_encode(0);
    }
    
    mysql_free_result($result);
    mysql_close($connect);
}   // End - Checker for those users who will just go to the page by typing directly in the url.
else {
    echo "You are not authorized to view this page. This incident will be reported immediately.";
}
?>
